Considering giving up on F-Secure products due to critical usabilty issues

F-Secure is perhaps the best AV solution in the world but it has certain problems I just cannot cope with:

 

1) During each updates F-Secure overwrite pretty much all the files under

C:\Program Files (x86)\F-Secure\SAFE\apps\ComputerSecurity\Anti-Virus\aquarius\core

I believe this process could be improved and streamlined so that only few files have to be updated like all other sane AV solutions do.

 

2) F-Secure programmers have never heard of preallocating files so each update creates over five hundred highly fragmented files. This could be easily solved by using

SetFilePointerEx() followed by SetEndOfFile()

before writing files to the disk but perhaps it's black magic to them.

 

3) The F-Secure system tray icon doesn't have an option to stop AV. See item 4 why it's needed.

 

4) The F-Secure AV engine has the highest false detection rate in the industry. It's simply annoying that for each release I have to send your dozens of clean files which you deem "infected".

 

5) Do not change system settings beyond my back: I did not ask you to reenable Automatic Updates on my system. Considering that Microsoft cannot quite make Windows Updates work reliably you just make people's lives harder. If you want to help unsavvy people who got infected and viruses disabled WU for them feel better, just ask this question and offer a choice, "We have detected that the WU service is disabled on your system. We consider this a threat to your security. Would you like to reenable this service? Yes or No/Cancel". Perhaps you also reenabled System Restore checkpoints but I don't remember now. This also must be asked.

 

6) What about e-mail support? I see chat which is always unavailable, phone which I guess is only useful for emergencies and forums which are not what I'd call "official".

 

Regards,

 

Artem S. Tashkinov

Comments

  • SimonSimon Posts: 2,653 Superuser
    Simply as a another forum user, and not a member of F-Secure staff, I'd be interested to learn a little of your type of usage. For example, I do not have the issues you mentioned with regards updates, because I hardly ever notice when these are occurring. What is the problem with the aquarius file being overwritten?

    In my personal usage, I can't say that I've noticed many false positives. In fact, when I used another major brand for a while, there were so many false positives that I actually gave up on the product after a week, and came back to F-Secure. Of course, this may vary with different types of usage, for example, if you are writing scripts etc, which F-Secure may not "know" to be safe.

    I can't comment on your Windows Updates issue, as I never turn them off, but it did make me wonder if perhaps it was actually Microsoft turning them back on, as Windows 10 tends to think it "knows best", rather than F-Secure interfering with your settings.

    Just my thoughts... :)
    yeoldfart
  • UkkoUkko Posts: 3,198 Superuser

    Hello,

     

    Sorry for my reply too.

    I also just F-Secure user and about your words (based on my experience):

     

    FIRST point (about): I think this is certainly work around normal design. And mainly this core-files and work with them.... can be common between some of other security companies. F-Secure have one of "more-briefly" work with this (based on my experience).

    Main point that maybe update-actions not just for "files" (which removed/added) - just because probably there is can be "re-signed" signatures/databases. For security reason - that there is comes valid ones from known valid servers and can be used under the system.

    And this is not each update, but when Aquarius-engine signatures update comes. If there can be for each update (like Hydra or other modules) - so maybe this is not normal design;

     

    SECOND point (about): I not really friendly with development, so.... I can not to talk about it properly.

    But this is known for me.. that F-Secure have (not all probably, but a lot of and core of teams) high quality developers.

    And design of their work is "using knowledge" of system possibilities and hard work with guidelines (like recommended steps and valid steps for design).

    So... I think - if there will be response from F-Secure team (under this topic) - so you able to talk about it more and they can to understand this ask more properly. Maybe there is can be improve-actions, of course.

    I can just to think about something like "backup" of files (where there is during update created some kind of back up for previous "signatures-files" or temporary files before re-placing to main folder); This is can be related with design of "on-the-fly"-updating signatures (where not required unload protection software for install updates - like it was previously with traditional design).

     

    THIRD point (about):  tray do not have this feature, yes; But you have ability to use Main UI feature (for proper step as common situation); Or command line for unload (for situation... which maybe related with your experience as developer);

    Also, of course, helpful can be exclusions lists (two - for manual scanning and for real-time);

     

    FOURTH point (about): based on some feedback and some of tests - yes... F-Secure can to have f/p-rate with high-points; But with my experience (also) I get less f/p-detections with F-Secure, than with other companies (which tried). If we talk about certainly detection-action.

    But F-Secure always work with this (improve design for create protection with less f/p detection-rate);

     

    FIFTH point (about):  with system where possible to disable Windows Update (not Windows 10?) - F-Secure take save this feature as user decision.

    Most likely.. that settings overwritten after removal action. When F-Secure detected some kind of "high risk" malware (or trouble with system, where required restart; or where malicious files under most of critical-suspicious place) and trigger removal/cleaning action : as result Windows Update settings back to default (and some of other settings too).

     

    I still not sure... if this is limitation of F-Secure removal action (as F-Secure do not able do not this with proper result with another meanings) or this is limitation for system design (and removal/cleaning actions by security software);

     

    Or this is certainly "proper" design. Just because cleaning/removal usually will be triggered just when malicious files detected (common situation for common using system - this is not false positive) and proper clean can be just when some of things (like updating system) back to "recommended" point.  Or there is not possible to detect - if this action really required (when malicious file is detected - not visible.. if Windows Updates disabled by user or by this malicious activities).

     

    At least.. if you do not experienced with removal/cleaning action by F-Secure.. your settings for disabled Windows Update should be stay with this disabled point.

     

    -----

    -----

    What about support: with recent times there was request-support page for create something like ticket (by mail - if you want to get response).

    On current time.. probably...as many other companies - F-Secure will try to create less resources-usage for support (by mail-tickets). And for support home users there is possible (on current time) just this things, which you noted.

    I think maybe this is can to based on re-design for their support work. At least "transferring" URLs or files comes to be same with previous "ticket-support by mail" and as result potentially delays.

     

    But anyway.... this is just my suggestions (sorry for that) and probably you prefer to get normal official response by F-Secure team (this is can be; and if not - maybe you just able to "up" topic time to time for get response from F-Secure team or from F-Secure community team);

    jolepe
  • VoidVoid Posts: 3

    Aside from two spam posts above does anyone from the F-secure dev team frequent this forum?

     

    ("Spammy" because the people who made those posts have exactly zero knowledge in IT/PC/OS/low level stuff - a lot of water and nothing relevant to the problems I outlined).

This discussion has been closed.